1 #ifndef _NET_FLOW_OFFLOAD_H 2 #define _NET_FLOW_OFFLOAD_H 3 4 #include <linux/kernel.h> 5 #include <net/flow_dissector.h> 6 #include <net/sch_generic.h> 7 8 struct flow_match { 9 struct flow_dissector *dissector; 10 void *mask; 11 void *key; 12 }; 13 14 struct flow_match_meta { 15 struct flow_dissector_key_meta *key, *mask; 16 }; 17 18 struct flow_match_basic { 19 struct flow_dissector_key_basic *key, *mask; 20 }; 21 22 struct flow_match_control { 23 struct flow_dissector_key_control *key, *mask; 24 }; 25 26 struct flow_match_eth_addrs { 27 struct flow_dissector_key_eth_addrs *key, *mask; 28 }; 29 30 struct flow_match_vlan { 31 struct flow_dissector_key_vlan *key, *mask; 32 }; 33 34 struct flow_match_ipv4_addrs { 35 struct flow_dissector_key_ipv4_addrs *key, *mask; 36 }; 37 38 struct flow_match_ipv6_addrs { 39 struct flow_dissector_key_ipv6_addrs *key, *mask; 40 }; 41 42 struct flow_match_ip { 43 struct flow_dissector_key_ip *key, *mask; 44 }; 45 46 struct flow_match_ports { 47 struct flow_dissector_key_ports *key, *mask; 48 }; 49 50 struct flow_match_icmp { 51 struct flow_dissector_key_icmp *key, *mask; 52 }; 53 54 struct flow_match_tcp { 55 struct flow_dissector_key_tcp *key, *mask; 56 }; 57 58 struct flow_match_mpls { 59 struct flow_dissector_key_mpls *key, *mask; 60 }; 61 62 struct flow_match_enc_keyid { 63 struct flow_dissector_key_keyid *key, *mask; 64 }; 65 66 struct flow_match_enc_opts { 67 struct flow_dissector_key_enc_opts *key, *mask; 68 }; 69 70 struct flow_rule; 71 72 void flow_rule_match_meta(const struct flow_rule *rule, 73 struct flow_match_meta *out); 74 void flow_rule_match_basic(const struct flow_rule *rule, 75 struct flow_match_basic *out); 76 void flow_rule_match_control(const struct flow_rule *rule, 77 struct flow_match_control *out); 78 void flow_rule_match_eth_addrs(const struct flow_rule *rule, 79 struct flow_match_eth_addrs *out); 80 void flow_rule_match_vlan(const struct flow_rule *rule, 81 struct flow_match_vlan *out); 82 void flow_rule_match_cvlan(const struct flow_rule *rule, 83 struct flow_match_vlan *out); 84 void flow_rule_match_ipv4_addrs(const struct flow_rule *rule, 85 struct flow_match_ipv4_addrs *out); 86 void flow_rule_match_ipv6_addrs(const struct flow_rule *rule, 87 struct flow_match_ipv6_addrs *out); 88 void flow_rule_match_ip(const struct flow_rule *rule, 89 struct flow_match_ip *out); 90 void flow_rule_match_ports(const struct flow_rule *rule, 91 struct flow_match_ports *out); 92 void flow_rule_match_tcp(const struct flow_rule *rule, 93 struct flow_match_tcp *out); 94 void flow_rule_match_icmp(const struct flow_rule *rule, 95 struct flow_match_icmp *out); 96 void flow_rule_match_mpls(const struct flow_rule *rule, 97 struct flow_match_mpls *out); 98 void flow_rule_match_enc_control(const struct flow_rule *rule, 99 struct flow_match_control *out); 100 void flow_rule_match_enc_ipv4_addrs(const struct flow_rule *rule, 101 struct flow_match_ipv4_addrs *out); 102 void flow_rule_match_enc_ipv6_addrs(const struct flow_rule *rule, 103 struct flow_match_ipv6_addrs *out); 104 void flow_rule_match_enc_ip(const struct flow_rule *rule, 105 struct flow_match_ip *out); 106 void flow_rule_match_enc_ports(const struct flow_rule *rule, 107 struct flow_match_ports *out); 108 void flow_rule_match_enc_keyid(const struct flow_rule *rule, 109 struct flow_match_enc_keyid *out); 110 void flow_rule_match_enc_opts(const struct flow_rule *rule, 111 struct flow_match_enc_opts *out); 112 113 enum flow_action_id { 114 FLOW_ACTION_ACCEPT = 0, 115 FLOW_ACTION_DROP, 116 FLOW_ACTION_TRAP, 117 FLOW_ACTION_GOTO, 118 FLOW_ACTION_REDIRECT, 119 FLOW_ACTION_MIRRED, 120 FLOW_ACTION_VLAN_PUSH, 121 FLOW_ACTION_VLAN_POP, 122 FLOW_ACTION_VLAN_MANGLE, 123 FLOW_ACTION_TUNNEL_ENCAP, 124 FLOW_ACTION_TUNNEL_DECAP, 125 FLOW_ACTION_MANGLE, 126 FLOW_ACTION_ADD, 127 FLOW_ACTION_CSUM, 128 FLOW_ACTION_MARK, 129 FLOW_ACTION_WAKE, 130 FLOW_ACTION_QUEUE, 131 FLOW_ACTION_SAMPLE, 132 FLOW_ACTION_POLICE, 133 FLOW_ACTION_CT, 134 }; 135 136 /* This is mirroring enum pedit_header_type definition for easy mapping between 137 * tc pedit action. Legacy TCA_PEDIT_KEY_EX_HDR_TYPE_NETWORK is mapped to 138 * FLOW_ACT_MANGLE_UNSPEC, which is supported by no driver. 139 */ 140 enum flow_action_mangle_base { 141 FLOW_ACT_MANGLE_UNSPEC = 0, 142 FLOW_ACT_MANGLE_HDR_TYPE_ETH, 143 FLOW_ACT_MANGLE_HDR_TYPE_IP4, 144 FLOW_ACT_MANGLE_HDR_TYPE_IP6, 145 FLOW_ACT_MANGLE_HDR_TYPE_TCP, 146 FLOW_ACT_MANGLE_HDR_TYPE_UDP, 147 }; 148 149 struct flow_action_entry { 150 enum flow_action_id id; 151 union { 152 u32 chain_index; /* FLOW_ACTION_GOTO */ 153 struct net_device *dev; /* FLOW_ACTION_REDIRECT */ 154 struct { /* FLOW_ACTION_VLAN */ 155 u16 vid; 156 __be16 proto; 157 u8 prio; 158 } vlan; 159 struct { /* FLOW_ACTION_PACKET_EDIT */ 160 enum flow_action_mangle_base htype; 161 u32 offset; 162 u32 mask; 163 u32 val; 164 } mangle; 165 const struct ip_tunnel_info *tunnel; /* FLOW_ACTION_TUNNEL_ENCAP */ 166 u32 csum_flags; /* FLOW_ACTION_CSUM */ 167 u32 mark; /* FLOW_ACTION_MARK */ 168 struct { /* FLOW_ACTION_QUEUE */ 169 u32 ctx; 170 u32 index; 171 u8 vf; 172 } queue; 173 struct { /* FLOW_ACTION_SAMPLE */ 174 struct psample_group *psample_group; 175 u32 rate; 176 u32 trunc_size; 177 bool truncate; 178 } sample; 179 struct { /* FLOW_ACTION_POLICE */ 180 s64 burst; 181 u64 rate_bytes_ps; 182 } police; 183 struct { /* FLOW_ACTION_CT */ 184 int action; 185 u16 zone; 186 } ct; 187 }; 188 }; 189 190 struct flow_action { 191 unsigned int num_entries; 192 struct flow_action_entry entries[0]; 193 }; 194 195 static inline bool flow_action_has_entries(const struct flow_action *action) 196 { 197 return action->num_entries; 198 } 199 200 /** 201 * flow_action_has_one_action() - check if exactly one action is present 202 * @action: tc filter flow offload action 203 * 204 * Returns true if exactly one action is present. 205 */ 206 static inline bool flow_offload_has_one_action(const struct flow_action *action) 207 { 208 return action->num_entries == 1; 209 } 210 211 #define flow_action_for_each(__i, __act, __actions) \ 212 for (__i = 0, __act = &(__actions)->entries[0]; __i < (__actions)->num_entries; __act = &(__actions)->entries[++__i]) 213 214 struct flow_rule { 215 struct flow_match match; 216 struct flow_action action; 217 }; 218 219 struct flow_rule *flow_rule_alloc(unsigned int num_actions); 220 221 static inline bool flow_rule_match_key(const struct flow_rule *rule, 222 enum flow_dissector_key_id key) 223 { 224 return dissector_uses_key(rule->match.dissector, key); 225 } 226 227 struct flow_stats { 228 u64 pkts; 229 u64 bytes; 230 u64 lastused; 231 }; 232 233 static inline void flow_stats_update(struct flow_stats *flow_stats, 234 u64 bytes, u64 pkts, u64 lastused) 235 { 236 flow_stats->pkts += pkts; 237 flow_stats->bytes += bytes; 238 flow_stats->lastused = max_t(u64, flow_stats->lastused, lastused); 239 } 240 241 enum flow_block_command { 242 FLOW_BLOCK_BIND, 243 FLOW_BLOCK_UNBIND, 244 }; 245 246 enum flow_block_binder_type { 247 FLOW_BLOCK_BINDER_TYPE_UNSPEC, 248 FLOW_BLOCK_BINDER_TYPE_CLSACT_INGRESS, 249 FLOW_BLOCK_BINDER_TYPE_CLSACT_EGRESS, 250 }; 251 252 struct netlink_ext_ack; 253 254 struct flow_block_offload { 255 enum flow_block_command command; 256 enum flow_block_binder_type binder_type; 257 bool block_shared; 258 struct net *net; 259 struct list_head cb_list; 260 struct list_head *driver_block_list; 261 struct netlink_ext_ack *extack; 262 }; 263 264 struct flow_block_cb { 265 struct list_head driver_list; 266 struct list_head list; 267 struct net *net; 268 tc_setup_cb_t *cb; 269 void *cb_ident; 270 void *cb_priv; 271 void (*release)(void *cb_priv); 272 unsigned int refcnt; 273 }; 274 275 struct flow_block_cb *flow_block_cb_alloc(struct net *net, tc_setup_cb_t *cb, 276 void *cb_ident, void *cb_priv, 277 void (*release)(void *cb_priv)); 278 void flow_block_cb_free(struct flow_block_cb *block_cb); 279 280 struct flow_block_cb *flow_block_cb_lookup(struct flow_block_offload *offload, 281 tc_setup_cb_t *cb, void *cb_ident); 282 283 void *flow_block_cb_priv(struct flow_block_cb *block_cb); 284 void flow_block_cb_incref(struct flow_block_cb *block_cb); 285 unsigned int flow_block_cb_decref(struct flow_block_cb *block_cb); 286 287 static inline void flow_block_cb_add(struct flow_block_cb *block_cb, 288 struct flow_block_offload *offload) 289 { 290 list_add_tail(&block_cb->list, &offload->cb_list); 291 } 292 293 static inline void flow_block_cb_remove(struct flow_block_cb *block_cb, 294 struct flow_block_offload *offload) 295 { 296 list_move(&block_cb->list, &offload->cb_list); 297 } 298 299 bool flow_block_cb_is_busy(tc_setup_cb_t *cb, void *cb_ident, 300 struct list_head *driver_block_list); 301 302 int flow_block_cb_setup_simple(struct flow_block_offload *f, 303 struct list_head *driver_list, tc_setup_cb_t *cb, 304 void *cb_ident, void *cb_priv, bool ingress_only); 305 306 enum flow_cls_command { 307 FLOW_CLS_REPLACE, 308 FLOW_CLS_DESTROY, 309 FLOW_CLS_STATS, 310 FLOW_CLS_TMPLT_CREATE, 311 FLOW_CLS_TMPLT_DESTROY, 312 }; 313 314 struct flow_cls_common_offload { 315 u32 chain_index; 316 __be16 protocol; 317 u32 prio; 318 struct netlink_ext_ack *extack; 319 }; 320 321 struct flow_cls_offload { 322 struct flow_cls_common_offload common; 323 enum flow_cls_command command; 324 unsigned long cookie; 325 struct flow_rule *rule; 326 struct flow_stats stats; 327 u32 classid; 328 }; 329 330 static inline struct flow_rule * 331 flow_cls_offload_flow_rule(struct flow_cls_offload *flow_cmd) 332 { 333 return flow_cmd->rule; 334 } 335 336 #endif /* _NET_FLOW_OFFLOAD_H */ 337